Sensitive Information Exposure in IBM Concert Product
CVE-2025-33081

3.3LOW

Key Information:

Vendor: IBM
Status: Concert
Vendor: CVE Published:; 3 February 2026

What is CVE-2025-33081?

The IBM Concert product versions 1.0.0 through 2.1.0 have a vulnerability that allows local users to access log files containing potentially sensitive information. This exposure may lead to unauthorized disclosure of data, placing user confidentiality at risk. It is crucial for users to understand the implications of this vulnerability and take necessary actions to mitigate exposure.

Affected Version(s)

Concert 1.0.0 <= 2.1.0

References

https://www.ibm.com/support/pages/node/7257565

vendor-advisorypatch

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 3, 2026
Vulnerability Reserved
Apr 15, 2025

CVE-2025-33081 Data

JSON